Help: After compiling Trojan into openwrt , do I need to set the port forwarding of openwrt?and how to set

falcon2 · April 12, 2021, 7:56am

Problem：pc B can access baidu.com, but even if trojan has been started, it is still unable to access google.com

Network environment:
pc A
as bypass gateway, pc A (openwrt) address: 192.168.1.5,
pc B

trojan-client (on pc A) config profile:

{
"run_type": "client",
"local_addr": "127.0.0.1",
"local_port": 1080,
"remote_addr": "example.com",
"remote_port": 443,
"password": [
"password"
],
"log_level": 1,
"ssl": {
"verify": true,
"verify_hostname": true,
"cert": "/etc/fullchain.crt",
"cipher": "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA",
"cipher_tls13": "TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384",
"sni": "",
"alpn": [
"h2",
"http/1.1"
],
"reuse_session": true,
"session_ticket": false,
"curves": ""
},
"tcp": {
"no_delay": true,
"keep_alive": true,
"reuse_port": false,
"fast_open": false,
"fast_open_qlen": 20
}
}

Test on computer B cmd shows:
tracert baidu.com
gateway: 192.168.1.5
192.168.1.1
it's working.

question: what should i do next.

falcon2 · April 12, 2021, 8:20am

and openwrt version: v19.07.7

falcon2 · April 12, 2021, 10:09am

wow~ ,may be i should try the other way

mk24 · April 12, 2021, 2:21pm

What do you "compile into OpenWrt" if Trojan is something that runs on a PC?

Admittedly not knowing anything about Trojan, it looks like you are trying to proxy all of PC B's Internet use through PC A. Then PC A would alter this traffic and send it out via its regular LAN connection to the (Chinese firewalled) Internet. It is unclear if anything about the router needs to be unconventional.

I think this configuration means the Trojan process is only listening on the localhost interface of PC A. It would not respond to 192.168.1.5.

bobafetthotmail · April 12, 2021, 2:21pm

It is not malware, it is a tool/proxy to bypass chinese state firewall

falcon2 · April 13, 2021, 7:20am

yep, I want to bypass the GFW by setting the bypass router( which mean pc A,and it system is openwrt)

falcon2 · April 13, 2021, 7:35am

this is trojan(https://github.com/trojan-gfw/openwrt-trojan)

i think the same as u, perhaps it is necessary to forward the data packets of the 192.168.1.0 network segment to 192.168.1.5:1080. It is not very clear for now.

i will try the other way.

anyway ,thansk for ur reply！

tmomas · April 23, 2021, 7:35am

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.